Home page logo

nanog logo nanog mailing list archives

Re: IPv6 and HTTPS
From: jeff adams <jeff.adams () bancvue com>
Date: Thu, 25 Apr 2013 21:46:15 -0500

On 04/25/2013 09:32 PM, Jay Ashworth wrote:
----- Original Message -----
From: "David Hubbard"<dhubbard () dino hostasaurus com>

The web server has to support it too, which means compiling
apache with SNI support and there are of course plenty of
hosts running old apache.

Well, sure, but for the hoster, it's a direct benefit, not an externality;
they have motive to fix it.

Sort of. Consider though that any clients of an SNI configured website
which don't support SNI will likely experience cert name mismatch
warnings, which is usually construed as a Bad Thing.

So in practice, there's not a lot of benefit/motive to support SNI
server side...

-- jra

This message and any attached files contain confidential information and is intended only for the individual named. If 
you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender 
immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail 
transmission cannot be guaranteed to be secure or without error as information could be intercepted, corrupted, lost, 
destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors 
or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is 
required please request a hard-copy version.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]